REMARKS 

The claims remaining in the present application are Claims 13-22 and 24-38. 
Claims 13-22 and 24-38 are rejected. Claims 13, 16-21 and 24 are amended 
herein. No new matter has been added as a result of these amendments. 

CLAIM REJECTIONS 
35 U.S.C. §112. second paragraph 
Claims 17 and 24 are rejected under 35 U.S.C. §112, second paragraph, as 
being indefinite for failing to particularly point out and distinctly claim the subject 
matter which applicant regards as the invention. Specifically, Claims 1 7 and 24 are 
rejected as including limitations having insufficient antecedent basis. Claims 17 and 
24 are amended, correcting the instances of insufficient antecedent basis. 
Therefore, Applicants respectfully submit that that these claims overcome the 
rejection under 35 U.S.C. § 112, second paragraph. 

35 U.S.C. §1 02(e) 
Claims 13-16, 18-22 and 25-30 are rejected under 35 U.S.C. §1 02(e) as 
being anticipated by United States Patent Application Publication 2002/0083344 by 
Vairavan, hereinafter referred to as the "Vairavan" reference. Applicants have 
reviewed the cited reference and respectfully submit that the present invention as 
recited in Claims 13-16, 18-22 and 25-30 is not anticipated by Vairavan. 

Applicants respectfully direct the Examiner to independent Claim 13 that 
recites that an embodiment of the present invention is directed to (emphasis added): 

A computer-readable medium having stored thereon a program, 
which when run on a processor, performs a method of managing a 
network, said method comprising: 

comparing addresses associated with packets received at a first 
port in said network with expected addresses for said first port to 
determine unexpected addresses : and 
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tracing a topology of said network to determine a second port at 
which a packet associated with an unexpected address entered said 
network. 



Independent Claim 22 recites similar limitations. Claims 14-16 and 18-21 that 
depend from Independent Claim 13 and Claims 25-30 that depend from 
Independent Claim 22 provide further recitations of the features of the present 
invention. 

According to the Federal Circuit, "[anticipation requires the disclosure in a 
single prior art reference of each claim under consideration" (W.L. Gore & Assocs. v. 
Garlock Inc., 721 F.2d 1540, 220 USPQ 303, 313 (Fed. Cir. 1983); see also MPEP 
2131). However, it is not sufficient that the reference recite all the claimed 
elements. As stated by the Federal Circuit, the prior art reference must disclose 
each element of the claimed invention " arranged as in the claim " (emphasis added; 
Lindermann Maschinenfabrik GmbH v. American Hoist & Derrick Co., 730 F.2d 
1452, 221 USPQ 481, 485 (Fed. Cir. 1984); see also In re Bond, 910 F.2d 831, 15 
USPQ2d 1566 (Fed. Cir. 1990); see also MPEP 2131). In other words "[t]he 
identical invention must be shown in as complete detail as is contained in the 
...claim" (emphasis added; Richardson v. Suzuki Motor Co., 868 F.2d 1226, 1236, 9 
USPQ2d 1913, 1920 (Fed. Cir. 1989); see also MPEP 2131). 

Applicants respectfully submit that Vairavan and the claimed invention are 

very different. Applicants understand Vairavan to teach a networking device 

including a packet processor that can function as a network address translation 

(NAT) router ([0060]). The packet processor can also include a firewall module for 

providing security based on a security policy database ([0086]). Applicants 

understand the firewall module to implement different types of filtering algorithms for 

restricting access within a virtual private network (VPN) ([0086] through [0101]). 
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Specifically, Applicants respectfully submit that the firewall module of Vairavan is not 
operable to "determine unexpected addresses" of received packets. 

Furthermore, Applicants respectfully assert that Vairavan does not teach, 
describe or suggest " tracing a topology of said network to determine a second port 
at which a packet associated with an unexpected address entered said network," as 
claimed (emphasis added). Applicants understand Vairavan to teach that the 
firewall module may include a network intrusion detection mechanism that can 
detect misuse of a network by analyzing usage patterns for received packets 
([0090]). In particular, Vairavan is silent as to tracing a topology of a network to 
determine a port with an unexpected address. Applicants have reviewed the 
Vairavan reference, and are unable to locate any teaching of tracing a network 
topology to locate a port with an unexpected address. 

In contrast, the claimed embodiments recite a method of managing a 
network, including " tracing a topology of said network to determine a second port at 
which a packet associated with an unexpected address entered said network," as 
claimed," as claimed (emphasis added). As described in the current specification, 
"[i]f the MAC address is not expected, then the topology is traced ... to find the host 
port 1 1 5 where the unexpected MAC address was learned, in step 450" (page 16, 
lines 21-23, emphasis added). 

Therefore, Applicants respectfully assert that nowhere does Vairavan teach, 
disclose or suggest the claimed embodiments of the present invention as recited in 
independent Claims 13 and 22, that these claims overcome the rejection under 35 
U.S.C. § 102(e), and are thus in a condition for allowance. Applicants respectfully 
submit that Vairavan also does not teach or suggest the additional claimed features of 



Serial No. 10/005,066 
Examiner: Tran, Nghi V. 



- 10- 



Art Unit 2151 
10015520-1 



r 



the present invention as recited in Claims 14-16 and 18-21 that depend from 
independent Claim 13 and Claims 25-30 that depend from independent Claim 22. 
Therefore, Applicants respectfully submit that Claims 14-16, 18-21 and 25-30 also 
overcome the rejection under 35 U.S.C. § 102(e), and are in a condition for allowance 
as being dependent on allowable base claims. 



35 U.S.C. 5103(a) 

Claims 17, 24 and 31-38 are rejected under 35 U.S.C. § 103(a) as being 
unpatentable over Vairavan in view of United States Patent No. 5,805,801 by Holloway 
et al., hereinafter referred to as the "Holloway" reference. Claim 17 depends from 
independent Claim 13 and Claim 24 depends from independent Claim 22. Applicants 
have reviewed the cited references and respectfully submit that the present invention 
as recited in Claims 17, 24 and 31-38 is patentable over the combination of Vairavan in 
view of Holloway for the following rationale. 



Applicants respectfully direct the Examiner to independent Claim 31 that 

recites that an embodiment of the present invention is directed to (emphasis added): 

A network comprising: 

a plurality switches; 

said switches interconnected and configured to control 
communication between a plurality of devices coupled to said network; 

a database having stored therein a stored physical topology of 
said network and authorized addresses associated with packets 
processed at ports of said switches, wherein said authorized 
addresses are based on said stored physical topology; 

a configuration agent that is able to program said switches 
based on said authorized addresses to detect a packet having an 
unauthorized address; and 

a management agent that is able to: 

compare addresses learned by said switches against 

said authorized addresses to determine an unauthorized 

address; and 

trace a topology of said network to determine a port 
where a packet associated with said unauthorized address 
entered said network. 
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Claims 32-38 that depend from Independent Claim 31 provide further recitations of 
the features of the present invention. 

As described above, Vairavan and the claimed invention are very different. 
Applicants understand Vairavan to teach that the firewall module may include a 
network intrusion detection mechanism that can detect misuse of a network by 
analyzing usage patterns for received packets ([0090]). In particular, Vairavan is 
silent as to tracing a topology of a network to determine a port with an unexpected 
address. Applicants have reviewed the Vairavan reference, and are unable to 
locate any teaching of tracing a network topology to locate a port with an 
unexpected address. Specifically, Vairavan does not describe, teach or suggest 
" tracing a topology of said network to determine a second port at which a packet 
associated with an unexpected address entered said network," as claimed 
(emphasis added). 

Furthermore, Applicants respectfully assert that the combination of Vairavan 
and Holloway fails to teach or suggest the claimed embodiments because Holloway 
does not overcome the shortcomings of Vairavan. Holloway, alone or in 
combination with Vairavan, does not show or suggest " tracing a topology of said 
network to determine a second port at which a packet associated with an 
unexpected address entered said network," as claimed (emphasis added). 

Applicants respectfully assert that Holloway does not teach a system that 
traces a topology of a network to determine a port where a packet associated with 
said unauthorized address entered said network. In contrast, Holloway teaches that 
if the managed hub detects an unauthorized station connecting to the LAN, the hub 
disables the port and transmits a security breach detected frame (col. 3, lines 6-8). 
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However, Holloway does not teach or suggest the claimed tracing of the topology to 
determine the port where a packet associated with said unauthorized address 
entered said network, as claimed. 

Therefore, Applicants respectfully assert that nowhere does the combination of 
Vairavan in view of Holloway teach, disclose or suggest the claimed embodiments of 
the present invention as recited in independent Claims 13, 22 and 31 , that these claims 
overcome the rejection under 35 U.S.C. § 103(a), and are thus in a condition for 
allowance. Applicants respectfully submit that the combination of Vairavan in view of 
Holloway also does not teach or suggest the additional claimed features of the present 
invention as recited in Claim 17 that depends from independent Claim 13, Claim 24 that 
depends from independent Claim 22, and Claims 32-38 that depend from independent 
Claim 31 . Therefore, Applicants respectfully submit that Claims 17, 24 and 32-38 also 
overcome the rejection under 35 U.S.C. § 103(a), and are in a condition for allowance 
as being dependent on allowable base claims. 
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CONCLUSION 



In light of the above listed amendments and remarks, reconsideration of the 
rejected claims is requested. Based on the arguments and amendments presented 
above, it is respectfully submitted that Claims 13-22 and 24-38 overcome the 
rejections of record. Therefore, allowance of Claims 13-22 and 24-38 is respectfully 
solicited. 

Should the Examiner have a question regarding the instant amendment and 
response, the Applicants invite the Examiner to contact the Applicants' undersigned 
representative at the below listed telephone number. 




Respectfully submitted, 
WAGNER, MURABITO & HAO LLP 



Dated: 6 



, 2006 




John P. Wagner 
Registration No. 35,398 



Address: 



WAGNER, MURABITO & HAO LLP 
Two North Market Street 
Third Floor 

San Jose, California 951 13 



Telephone: 



(408) 938-9060 Voice 
(408) 938-9069 Facsimile 
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